Educause Security Discussion mailing list archives
Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact
From: Dan Updegrove <updegrove () MAIL UTEXAS EDU>
Date: Sun, 22 Sep 2002 14:42:48 -0500
Colleagues - Most campuses I'm familiar with have either: * a 24x7 staffed help desk, NOC, telecom call center, or data center - a 24x7 police dept/security office so external authorities could convey an alert 24x7x365. Then: how does the campus respond to the alert? * On-site staffer in the NOC diagnoses the problem and immediately shuts down the offending port(s) remotely * Network engineer on pager does this, after some contact delay If there is no campus response after <agreed-upon-time-depending-on-severity-of-attack>, we could envision an agreement whereby ISP(s) could disconnect campus Internet service. For multiply-connected sites this could be tricky, but we can, presumably assume that any multiply-connected campus is "large and/or sophisticated," so will have all-night staff and/or experts on pagers. Thus most, if not all, non-responding campuses could be shut down by one ISP, assuming that the cognizant law enforcement contact knows how to contact the ISP. There are risks here, of course: confused law enforcement agents issuing orders to shut down the wrong campus (Penn, not Penn State, etc.), or making arbitrary determinations as to the severity of the cyber attack. I believe, however, that this is worth our discussing. Dan At 01:41 PM 9/19/2002, Rodney Petersen wrote:
One of the recommendations in the "National Strategy To Secure Cyberspace" (www.securecyberspace.gov) is that "each college and university should consider establishing a point-of-contact, reachable at all times, to Internet service providers (ISPs) and law enforcement officials in the event that the school's IT systems are discovered to be launching cyber attacks." Is this a good idea? How could it be implemented across higher education? What are obstacles or challenges for moving forward with this recommendation? Other comments or insights? Rodney Petersen Security Task Force Coordinator EDUCAUSE ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/.
VP for Information Technology Phone (512) 232-9610 The University of Texas at Austin Fax (512) 232-9607 FAC 248 (Mail code: G9800) d.updegrove () its utexas edu P.O. Box 7407 http://wnt.utexas.edu/~danu/ Austin, TX 78713-7407 ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/.
Current thread:
- IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Rodney Petersen (Sep 19)
- <Possible follow-ups>
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Gary Flynn (Sep 19)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Jim Moore (Sep 19)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Allen Chang (Sep 20)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Dan Updegrove (Sep 22)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Kevin Shalla (Sep 23)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Bruhn, Mark S. (Sep 23)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Kevin Shalla (Sep 23)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Bruhn, Mark S. (Sep 23)
- Re: IHEs & NATIONAL STRATEGY: Single Point-Of-Contact Nick Tate (Sep 23)